Difference between revisions of "Electra"

From The iPhone Wiki
Jump to: navigation, search
Line 4: Line 4:
 
| developer = [https://twitter.com/coolstarorg CoolStar]
 
| developer = [https://twitter.com/coolstarorg CoolStar]
 
| released = {{Start date|2018|01|13|df=yes}}
 
| released = {{Start date|2018|01|13|df=yes}}
| latest release version = 1.3.0<small> (iOS 11.0-11.1.2)</small><br />1.3.0<small> (iOS 11.2-11.4.1)</small><br />1.0.5<small> (tvOS)</small>
+
| latest release version = 1.3.1<small> (iOS 11.0-11.1.2)</small><br />1.3.1<small> (iOS 11.2-11.4.1)</small><br />1.0.5<small> (tvOS)</small>
| latest release date = {{Start date and age|2019|02|03|df=yes}}<small>(iOS 11.0-11.1.2)</small><br />{{Start date and age|2019|02|03|df=yes}}<small>(iOS 11.2-11.3.1)</small><br />{{Start date and age|2018|07|13|df=yes}}<small>(tvOS)</small>
+
| latest release date = {{Start date and age|2019|02|05|df=yes}}<small>(iOS 11.0-11.1.2)</small><br />{{Start date and age|2019|02|05|df=yes}}<small>(iOS 11.2-11.3.1)</small><br />{{Start date and age|2018|07|13|df=yes}}<small>(tvOS)</small>
 
| operating system = iOS
 
| operating system = iOS
 
| language = English
 
| language = English
Line 296: Line 296:
 
*jailbreakd2: Faster ldrestarts, resprings
 
*jailbreakd2: Faster ldrestarts, resprings
 
*jailbreakd2: XCode debugging success rate improved (click continue in the debugger on SIGCONT to proceed debugging)
 
*jailbreakd2: XCode debugging success rate improved (click continue in the debugger on SIGCONT to proceed debugging)
  +
|-
  +
| 1.3.1
  +
| {{date|2019|02|05}}
  +
|
  +
*Increase jailbreak success rate on A7 - A8 on 11.2+
  +
*Update liboffsetfinder64 to latest version
 
|}
 
|}
   

Revision as of 01:59, 6 February 2019

Electra
Developer(s) CoolStar
Initial release 13 Jan 2018 (2018-01-13)
Stable release 1.3.1 (iOS 11.0-11.1.2)
1.3.1 (iOS 11.2-11.4.1)
1.0.5 (tvOS) / 5 February 2019; 5 years ago(iOS 11.0-11.1.2)
5 February 2019; 5 years ago(iOS 11.2-11.3.1)
13 July 2018; 6 years ago(tvOS)
Operating system iOS
Available in English
Type Jailbreaking
Website Electra (11.0-11.1.2)
Electra (11.2-11.3.1)

Electra is a semi-untethered jailbreak for all devices running 11.0 - 11.4.1. There are two versions of Electra - one supporting iOS 11.0 - 11.1.2, and the other supporting iOS 11.2 - 11.4.1 and tvOS 11.2 - 11.3.

Electra for iOS 11.0 - 11.1.2

The first beta for iOS 11.0 - 11.1.2 was released on 13 January 2018. Several betas were released. The betas did not include support for Cydia, however the developer, CoolStar later seeded six release candidate versions to developers with working Cydia support. Electra1112 was then officially released on 26 February 2018.

Version Date Changes
Beta 1 13 January 2018 Initial release
Beta 2
  • Fix Anemone not recognising themes
  • Fix black screen when jailbreaking with tweaks enabled
Beta 3
  • Unlock all NVRAM variables (including setting boot-nonce) [thanks stek29]
  • Add support for binaries with SHA1 hashes (so existing dylibs work fine, but executables will need the entitlement) [thanks stek29]
  • Clean up some garbage files that were present from previous build (yay macOS resource forks and .DS_Store)
  • Hopefully fix the app icon not displaying on iPhones
  • Significantly speed up the rejailbreak process
Beta 3-2 14 January 2018
  • Don't unlock NVRAM variables due to the patch crashing some devices.
Beta 3-3
  • Fix the NVRAM patching crashing due to the memory page being unmapped (thanks Siguza)
Beta 4
  • Disable NVRAM patching as it still appears to be unstable
  • Make amfid patch more reliable so that more dylibs can be run properly
  • Add a "shim" so existing substrate tweaks can use libsubstitute without modifications
Beta 4-2
  • Fix a symlink that would prevent some substrate extensions from working with libsubstitute
Beta 5
  • Fix an issue in the substrate shim where substitute could crash if tweaks tried hooking nonexistent selectors
  • Fix an issue with the dylib loader dragging UIKit (and all its tweaks) into every single daemon
  • Make jailbreakd more robust with input struct size check enforcement
Beta 6 16 January 2018
  • Add a working launchctl for loading launch daemons (thanks nullpixel)
  • Load dropbear as a launch daemon & fix zombie process issue (thanks nullpixel)
  • Set kernel task as host special port #4 (thanks stek29)
Beta 6-2 17 January 2018
  • Fix kernel memory leak in entitlement injector
Beta 6-3 18 January 2018
  • Use host special port #4 to get tfp0 in jailbreakd (thanks n_triangle_dev)
  • Add jailbreakd as a launchd service so it gets restarted if it dies (thanks n_triangle_dev)
Beta 6-4 20 January 2018
  • Don't make jailbreakd rely on pidlistuptrs bug (thanks stek29)
  • log dylib load errors in SBInject (thanks stek29)
  • Clean up launchd payloads (thanks stek29)
  • Load dylibs alphabetically from SBInject (thanks c0ldra1n)
  • Check for jailbreakd start before reloading backboardd
  • Make rejailbreaking significantly faster
Beta 7 23 January 2018
  • amfid now gets re-patched if it ever gets killed (stek29 and coolstar)
  • clean up amfid patch (stek29)
  • Add 3d touch shortcut for jailbreaking (ca13ra1)
Beta 8 26 January 2018
  • Sandbox mitigations are now in place so /Library, /private/var/mobile/Library/Preferences and /bootstrap are now accessible to all processes! (stek29, coolstar)
  • Workaround sandbox mitigations not taking place on apps' first launch (coolstar)
  • Improve reliability of amfid patch so it doesn't hang on malformed requests (e.g. SysSecInfo)
  • Known Bug: Apps will take longer to launch the first time they're launched after rejailbreaking due to a workaround for another bug w/ unsandboxing not working on first launch
Beta 8-2
  • Fixes issues with WebKit (Safari/Chrome), receiving calls, and downloading App Store apps by not working around the sandbox issue in those processes
  • Known Bug: Apps will take longer to launch the first time they're launched after rejailbreaking due to a workaround for another bug w/ unsandboxing not working on first launch
Beta 9 27 January 2018
  • Sandbox is now working on the first launch for apps and daemons (thanks stek29)
  • Remove 0.5 second delay when launching apps or daemons that was present since beta 1 (coolstar)
  • Check if a new beta is available when electra is launched
  • Double-launch workaround has been removed since it's no longer needed, fixing all bugs introduced on beta 8
  • Remove AnemoneFonts.dylib as it was causing problems
  • Important Note: If you are upgrading from beta 8-2 or lower to any beta 9 or higher, you will need to reinstall all tweaks and themes
Beta 10 1 February 2018
  • Fix certain codesigned binaries not working with our amfi payload (coolstar)
  • Add darwintools, debiantools (not dpkg), shell-cmds, system-cmds and uikittools
  • Re-sign most of the bootstrap as SHA1 to prepare for them to be pushed to a repo
  • Code cleanup (stek29 and nullpixel)
  • Fix update checker erroneously saying there's an update in airplane mode
Beta 11 9 February 2018
  • Add libjailbreak so command line tools, apps, etc. can talk to jailbreakd if needed (n_triangle_dev)
  • Use XPC instead of UDP from libjailbreak and xpcproxy (n_triangle_dev)
  • Use TCP instead of UDP from launchd (coolstar)
Beta 11-2 10 February 2018
  • Significantly improve the reliability of jailbreakd so it can handle a large amount of process launches at once (coolstar)
  • Make jailbreakd print directly to stderr rather than NSLog (coolstar)
  • Fix a race condition in beta 11 that would cause jailbreakd to sometimes inject too early, and thus fail to inject (coolstar)
Beta 11-3 12 February 2018
  • Fix a race condition on jailbreakd's launch to improve success rate of jailbreak
1.0 26 February 2018
  • Initial Release
1.0.1
  • Fix some false positives where Electra would think topanga was installed when only liberiOS was
1.0.2 27 February 2018
  • Fix false positives where Electra would think topanga was installed when only liberiOS was
  • Prevent loading pacakges from saurik's repo (since Cydia can't be patched to remove it)
  • Fix APT 0.7 Strict (lib) on devices that may have already updated to the broken copy from saurik's repo
1.0.3 4 March 2018
  • Revert change to XPC in xpcproxy in beta 11
  • Fix intermittent freezing issues that would affect certain devices on beta 10 -> 1.0.2
1.0.4 9 March 2018
  • Remove all XPC code that could possibly have been problematic ever since beta 11
  • Replace TCP, UDP and XPC with MIG (thanks Psychotea from the Meridian team)
  • Recommended to also update Tweak Injector to 1.0.4 from our repo to get safe mode in system daemons as well
1.1.0 26 December 2018
  • Update APT and dpkg packages for Sileo
  • Split cydia into a base and GUI package, so it may be installed alongside Sileo
  • Fix occasional data abort kernel panics
  • Fix occasional freezes that would result in a kernel panic from a watchdog timeout
1.1.0-2
  • Fix missing file that was supposed to be in 1.1.0 (but was present on the 11.2-11.3.1 version)

Electra for iOS 11.2 - 11.4.1 (tvOS 11.2 - 11.3)

With Electra's update to support devices running any iOS between 11.2 to 11.4.1, delays came in place due to Apple's APFS snapshot mitigation of remounting the root filesystem as read/write that was introduced in iOS 11.3. There are many parts of a jailbreak that need read/write to do certain things within the filesystem, and because of Apple's mitigation, a APFS remount workaround was needed to complete the jailbreak. Chinese security researcher Min Zheng had already found and created his own bypass to remount the root filesystem, which many other developers then tried implementing in their own way. During this time, Jonathan Levin, creator of the LiberTV jailbreak for the AppleTV was announcing his plans for updating LiberTV with an APFS remount which the Electra Team could use. Meanwhile, CoolStar had already found a 0day in APFS which would allow the filesystem to be remounted as r/w, but wanted to save it for future use in iOS 12. As this news was absorbed by the community, many people were angry that CoolStar wanted to delay the update for Electra by saving the 0day. However, CoolStar had found yet another 0day and decided to end the waiting on Levin's remount and use one of his APFS 0days instead. Electra1131 was then released a little while later on 6 July 2018.

Support for tvOS 11.2-11.3 was released in a separate IPA on 12 July 2018. Nicknamed "electraTV", this was released in conjunction with nitoTV, who has also released jailbreaks like backr00m, and Jaywalker.

Support for iOS 11.4-11.4.1 was added on 30 January 2019.

Version Date Changes
1.0 6 July 2018
  • Initial Release
1.0.1 7 July 2018
  • Fix app icon not showing up for certain users
  • Fix nonce Generator not being set certain times
1.0.2 8 July 2018
  • Use different bundle identifier for mptcp version
  • Increment bundle id properly
  • Hopefully fix success rate regression with multipath 1.0.1
1.0.3 9 July 2018
  • Add support for 11.4 beta 1 - 11.4 beta 3 (multipath only tested on these firmwares)
1.0.4 12 July 2018
  • Initial release for tvOS (huge thanks to nitoTV and Jaywalker!)
1.0.5 13 July 2018
  • tvOS Only - Fix bugs with 1.0.4 causing long and unreliable jailbreak process
1.1.0 26 December 2018
  • Update APT and dpkg packages for Sileo
  • Split cydia into a base and GUI package, so it may be installed alongside Sileo
  • Fix occasional data abort kernel panics
  • Fix occasional freezes that would result in a kernel panic from a watchdog timeout
  • Improve reliability of vfs exploit
1.2.0 30 January 2019
  • Supports iOS 11.4 - 11.4.1
  • Add async_wake exploit to add support for iOS 11.0 - 11.1.2
  • Use voucher_swap exploit instead of empty_list for iOS 11.2 - 11.4.1
  • Add threadm1ll exploit as an option for iOS 11.2 - 11.4.1 users on A7 or A8 devices
  • Fix overnight reboots
  • Reverted app to git commit 9d9762bdf46f19c4082d82798af41ca273fb0e37 before all code was rewritten from there forward
1.2.1
  • Fix build number so 11.4 - 11.4.1 works properly
1.2.2
  • Fix async_wake so jailbreaking 11.0-11.1.2 works properly
  • Fix nonce generator button not working
1.2.3 31 January 2019
  • Replace threadm1ll exploit with v1ntex for A7 & A8 devices on 11.2-11.4.1
  • Fix initial ldrestart not working on some devices
1.2.5
  • Fix sandbox issues causing app crash on A7 & A8 devices on 11.4-11.4.1
  • Fix post-exploitation (stage 2) failures on A7 & A8 devices on 11.2 - 11.4.1
1.2.6
  • Fix offsetfinder path issue for A7 & A8 devices on 11.4-11.4.1
1.2.7 1 February 2019
  • Fix a bug in v1ntex that resulted a kernel panic later in Step 2
  • Actually test on an A7 device on 11.4 (thanks PastRestore on discord)
1.3.0 3 February 2019
  • No longer require platformization to control launchd (requires tweaks switch enabled)
  • Replace jailbreakd with jailbreakd2 (Next-gen fully-async jailbreakd with prioritization and a faster queuing system)
  • jailbreakd2: Fix freezing in low memory conditions
  • jailbreakd2: Faster ldrestarts, resprings
  • jailbreakd2: XCode debugging success rate improved (click continue in the debugger on SIGCONT to proceed debugging)
1.3.1 5 February 2019
  • Increase jailbreak success rate on A7 - A8 on 11.2+
  • Update liboffsetfinder64 to latest version